Lejacon: A Lightweight and Efficient Approach to Java Confidential Computing on SGX
Intel’s SGX is a confidential computing technique. It allows key functionalities of C/C++/native applications to be confidentially executed in hardware enclaves. However, numerous cloud applications are written in Java. For supporting their confidential computing, state-of-the-art approaches deploy Java Virtual Machines (JVMs) in enclaves and perform confidential computing on JVMs. Meanwhile, these JVM-in-enclave solutions still suffer from serious limitations, such as heavy overheads of running JVMs in enclaves, large attack surfaces, and deep computation stacks. To mitigate the above limitations, we formalize a Secure Closed-World (SCW) principle and then propose Lejacon, a lightweight and efficient approach to Java confidential computing. The key idea is, given a Java application, to (1) separately compile its confidential computing tasks into a bundle of Native Confidential Computing (NCC) services; (2) run the NCC services in enclaves on the Trusted Execution Environment (TEE) side, and meanwhile run the non-confidential code on a JVM on the Rich Execution Environment (REE) side. The two sides interact with each other, protecting confidential computing tasks and as well keeping the Trusted Computing Base (TCB) size small.
We implement Lejacon and evaluate it against OcclumJ (a state-of-the-art JVM-in-enclave solution) on a set of benchmarks using the BouncyCastle cryptography library. The evaluation results clearly show the strengths of Lejacon: it achieves competitive performance in running Java confidential code in enclaves; compared with OcclumJ, Lejacon achieves speedups by up to 16.2× in running confidential code and also reduces the TCB sizes by 90+% on average.
Thu 18 MayDisplayed time zone: Hobart change
13:45 - 15:15 | SE for security 2Technical Track / Journal-First Papers at Meeting Room 106 Chair(s): Cristian Cadar Imperial College London, UK | ||
13:45 15mTalk | SLR: From Saltzer & Schoeder to 2021… Journal-First Papers Nikhil Patnaik University of Bristol, Andrew C Dwyer University of Durham, Joseph Hallett , Awais Rashid University of Bristol, UK | ||
14:00 15mTalk | On-Demand Security Requirements Synthesis with Relational Generative Adversarial Networks (RelGAN) Technical Track Viktoria Koscinski Rochester Institute of Technology, Sara Hashemi Rochester Institute of Technology, Mehdi Mirakhorli Rochester Institute of Technology | ||
14:15 15mTalk | Measuring Secure Coding Practice and Culture: A Finger Pointing at the Moon is not the Moon Technical Track Ita Ryan University College Cork, Utz Roedig University College Cork, Klaas-Jan Stol Lero; University College Cork; SINTEF Digital Pre-print | ||
14:30 15mTalk | What Challenges Do Developers Face About Checked-in Secrets in Software Artifacts? Technical Track Setu Kumar Basak North Carolina State University, Lorenzo Neil North Carolina State University, Bradley Reaves North Carolina State University, Laurie Williams North Carolina State University Pre-print | ||
14:45 15mTalk | Lejacon: A Lightweight and Efficient Approach to Java Confidential Computing on SGX Technical Track Xinyuan Miao Shanghai Jiao Tong University, Ziyi Lin Alibaba Group, Shaojun Wang Alibaba Group, Lei Yu Alibaba Group, Sanhong Li Alibaba Inc., Zihan Wang Shanghai Jiao Tong University, Pengbo Nie Shanghai Jiao Tong University, Yuting Chen Shanghai Jiao Tong University, Beijun Shen Shanghai Jiao Tong University, He Jiang Dalian University of Technology Pre-print | ||
15:00 15mTalk | Keyword Extraction From Specification Documents for Planning Security Mechanisms Technical Track Jeffy Jahfar Poozhithara Apple Inc. and University of Washington Bothell, Hazeline Asuncion University of Washington Bothell, Brent Lagesse University of Washington Bothell Pre-print | ||